<?php
session_start();
require_once 'header.php';
function __autoload($className)
	{
    	require_once('class/' . $className . '.class.php');
	}
session::need_member();
$Soure=$_GET;
if(isset($Soure))
{
	
$CcId=intval($_GET['ccid']);
$GetCcInfo=database::LimitQuery('ccinfo',array(
'select' => 'ccnumber,exmonth,exyear,ccv2,country,pricesell,orderid,status',
'condition' => array(
'ccid' => $CcId
)
));
$CcNumsHash=$GetCcInfo[0]['ccnumber'];
$Exm=$GetCcInfo[0]['exmonth'];
$Exy=$GetCcInfo[0]['exyear'];
$Cvv=$GetCcInfo[0]['ccv2'];
$CcNums=hash::unhash($CcNumsHash, $Exm, $Exy, $Cvv);
$Soure="$CcNums|$Exm|$Exy|$Cvv";
$UserID=session::getuserid();
$OrderId=abs($GetCcInfo[0]['orderid']);
$PriceSell=$GetCcInfo[0]['pricesell'];
$CheckPermission=$GetCcInfo[0]['status'];
	$CheckConfirm=user::checkpermission('ccinfo', "userid=$UserID", "ccid=$CcId");
	$CheckBalance=user::checkpermission('userinfo',"userid=$UserID", "money >=0.5");
	if(($CheckConfirm==1)&&($CheckPermission=='nottest')&&($CheckBalance==1))
	{
		//echo $Soure;
		$Check=checkcc::toolbc($Soure);
		if($GetCcInfo[0]['country']=='us')
			{
				$Cost=0.5;
			}
			else
			{
				$Cost=1;
			}
		if($Check==1)
		{
			echo "<b>Valid</b>";
			database::Update('userinfo',array('userid' => $UserID),array('money' => array( "money - {$Cost}" )));
			database::Update('ccinfo',array('ccid' => $CcId),array('status' => 'VALID'));
			?>
			 <script type="text/javascript">
			 alert("Good CC");
			 </script>
			<?php
		}
		else
		{
			echo "<b>Invalid</b>";
			database::Update('ccinfo',array('ccid' => $CcId),array('status' => 'INVALID'));
			$CheckTime=user::checktime($CcId);
			if($CheckTime==1)
			{
				database::Update('userinfo',array('userid' => $UserID),array('money' => array( "money + {$PriceSell}" )));
				database::Update('orders',array('userid' => $UserID,'orderid' => $OrderId),array('refund' => array( "refund + {$PriceSell}" )));
				?>
			 <script type="text/javascript">
			 alert("Bad CC ! You have been refunded ");
			 </script>
			<?php 
			}
			else 
			{
				?>
				<script type="text/javascript">
			 alert("Bad CC !But you can not get refunding because the time is over 1 hour since you bought");
			 </script>
			 <?php 
			}
			
			
		}
		
	}
	else
	{
		?>
			 <script type="text/javascript">
			 alert("You get one of these mistake  1/- This cc do not belong to you 2/- This cc has been checked before 3/- Your balance is not enough 0.5");
			 </script>
			 <?php 
	}
	

}
else 
{
	echo "<img src='denied.jpg' >";
}
?>